End-to-end encryption has been prohibitively difficult for far too long. @trelent/e2ee
is an attempt to make it easier.
Our goal was to make the barrier to entry as low as possible, and that comes with some compromises: we optimize for as many use-cases as possible while keeping things simple. We believe the large majority of use-cases will be encrypting data at rest in non-realtime applications. Most sensitive data stored in SaaS applications is not shared between users in a way that requires peer-to-peer encryption.
There are already many great libraries for peer-to-peer encryption, the Signal Protocol for example. We encourage you to use them instead of this library for that purpose.
- Key derivation under the hood from a simple passphrase
- Users remember their passphrase; you hold the salt in your database. The salt is not secret, but it must be random and unique per user, and if either the passphrase or the salt is lost the data cannot be recovered.
- For you crypto nerds out there: we use PBKDF2 with HMAC-SHA256, 10,000 iterations and a 256-bit key, implemented with the Web Crypto API (SubtleCrypto). Note that 10,000 iterations is at the low end by current guidance (OWASP recommends 600,000 for PBKDF2-HMAC-SHA256), so the strength of the user's passphrase matters.